Exchange 2010 AutoDiscover / Outlook Anywhere issue

Having a strange problem with Outlook / Exchange 2010 here that I hope someone can help me through.

I have Outlook set up on a number of company laptops, using Outlook Anywhere so that they work both inside and outside the corporate LAN.
On the internal LAN everything works fine; externally, however, Outlook refuses to connect, continually displaying a pop-up box asking for the username and password. Putting those in doesn't do anything; the message just re-appears.

After much testing, I have discovered that if I navigate within outlook to
accounts / more settings / connections tab / exchange proxy settings button

There's a section entitled connection settings - this is populated with the following: https://internal_server_name.domain.com
There's then a tick in the box saying "only connect to proxy servers that have.........

If I change the first box to https://mail.domain.com and remove the tick from the second box then everything works externally.

However, the moment the machines are plugged back into the LAN, the original settings re-populate.

This tells me it's something to do with the autodiscover file, but I don't know Exchange well enough to fiddle.

Can someone either help me sort the problem, or disable autodiscover somehow, as (to my knowledge) we don't actually need autodiscover to work.


The simple answer would be the external IP of your firewall; the ideal answer would be the DNS alias you're using for Outlook Web Access. As long as autodiscover resolves in DNS to your internal server instead of the wrong one.

You need to ensure you have a DNS entry for Autodiscover.yourdomain.com and that the public certificate installed on the client access server contains the subject of yourdomain.com and also subject alternative names of mail or webmail.yourdomain.com and autodiscover.yourdomain.com.
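The certificate name requirement in the answer above can be checked mechanically. This is an added example, not part of the original thread: it takes a certificate in the form Python's `ssl.SSLSocket.getpeercert()` returns and lists which of the required names it fails to cover. The sample certificates and the internal host name `cas01.yourdomain.local` are constructed for illustration.

```python
import socket
import ssl

def fetch_peercert(host, port=443, timeout=5.0):
    """Return the validated certificate a host presents, in getpeercert() form."""
    ctx = ssl.create_default_context()  # raises if the chain or host name fails validation
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def cert_names(cert):
    """DNS subjectAltName entries; fall back to the subject CN only if there are none."""
    sans = [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v.lower() for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def covers(pattern, host):
    """True if a certificate name matches host; '*' stands for the leftmost label only."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    if len(p) != len(h):
        return False
    return (p[0] == "*" or p[0] == h[0]) and p[1:] == h[1:]

def required_names(mail_domain, external_host):
    """Names from the answer: the domain, autodiscover.<domain>, the external mail host."""
    return [mail_domain, "autodiscover." + mail_domain, external_host]

def missing_names(mail_domain, external_host, cert):
    """Required names that no name on the certificate covers."""
    names = cert_names(cert)
    return [h for h in required_names(mail_domain, external_host)
            if not any(covers(n, h) for n in names)]

# Constructed sample certificates in getpeercert() form (not taken from the thread).
INTERNAL_ONLY = {"subject": ((("commonName", "cas01.yourdomain.local"),),),
                 "subjectAltName": (("DNS", "cas01.yourdomain.local"),)}
PUBLIC_SAN = {"subject": ((("commonName", "yourdomain.com"),),),
              "subjectAltName": (("DNS", "yourdomain.com"), ("DNS", "mail.yourdomain.com"),
                                 ("DNS", "autodiscover.yourdomain.com"))}
WILDCARD = {"subject": ((("commonName", "*.yourdomain.com"),),),
            "subjectAltName": (("DNS", "*.yourdomain.com"),)}

if __name__ == "__main__":
    for label, cert in [("internal-only", INTERNAL_ONLY), ("public SAN", PUBLIC_SAN),
                        ("wildcard", WILDCARD)]:
        print(label, "missing:", missing_names("yourdomain.com", "mail.yourdomain.com", cert))
```

A wildcard certificate covers `mail` and `autodiscover` but not the bare domain, which is why the wildcard sample still reports one missing name.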


This will return to you some errors; you can cut and paste the results here and an Expert can help you resolve the problem.


dangermouse1977 (Author) commented: 2011-10-20

OK, test has been run, I've pasted the results below. There's something strange though: the IP address that it's returned is the IP address of the domain hosting company that used to host the POP mail on the domain months ago, before we converted to an internal Exchange server. Not sure why that is?

Testing TCP port 443 on host adc-international.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server adc-international.com on port 443.
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.

Testing TCP port 443 on host autodiscover.adc-international.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server autodiscover.adc-international.com on port 443.
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.

Attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
Test Steps
Attempting to resolve the host name autodiscover.adc-international.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 84.18.207.37

Testing TCP port 80 on host autodiscover.adc-international.com to ensure it's listening and open.
The port was opened successfully.
ExRCA is checking the host autodiscover.adc-international.com for an HTTP redirect to the Autodiscover service.
ExRCA failed to get an HTTP redirect response for Autodiscover.
Additional Details
A Web exception occurred because an HTTP 400 - BadRequest response was received from Unknown.

Attempting to contact the Autodiscover service using the DNS SRV redirect method.
ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.adc-international.com in DNS.
The Autodiscover SRV record wasn't found in DNS.
Tell me more about this issue and how to resolve it


dangermouse1977 (Author) commented: 2011-10-20

I should probably mention that the ISP who owns that IP address still hosts the web presence attached to the domain, and the domain is registered through them.
Our Exchange server is internal, though, and should be on a 94.200.114.*** address.

What do you mean the error persists? When you connect a computer, what are the settings shown by Outlook now? It should be mail.domain.com and not internalname.domain.com.


dangermouse1977 (Author) commented: 2011-10-21

OK, thanks for the help. I'm actually in Dubai, so on Friday / Saturday I am not in the office as it's our weekend.
I'll pick this up again on Sunday morning and try to work through to a solution.
Thanks again.


dangermouse1977 (Author) commented: 2011-11-09

I've accepted both answers as I'm not sure which change actually fixed the issue; either way, everything is now functioning as it should.